/*
 * Copyright 2008-2023 dexian.vip. All rights reserved.
 * Support: http://www.dexian.vip
 * License: http://www.dexian.vip/license
 */

package vip.dexian.admin.dto;

import vip.dexian.admin.enums.DataScopeEnum;
import vip.dexian.core.security.PermsGrantedAuthority;
import lombok.Data;
import lombok.NoArgsConstructor;
import org.apache.commons.collections4.CollectionUtils;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.userdetails.UserDetails;

import java.io.Serial;
import java.util.Collection;
import java.util.Collections;
import java.util.HashSet;
import java.util.List;
import java.util.Set;

/**
 * 管理员凭证
 *
 * @author 挺好的 2023年06月05日 15:43
 */
@NoArgsConstructor
@Data
public class AdminPrincipal implements UserDetails {

    @Serial
    private static final long serialVersionUID = 7041269447679835122L;

    /**
     * 管理员id
     */
    private Long id;

    /**
     * 姓名
     */
    private String name;

    /**
     * 用户名
     */
    private String username;

    /**
     * 头像
     */
    private String avatar;

    /**
     * 密码
     */
    private String password;

    /**
     * 账户未锁定
     */
    private Boolean isAccountNonLocked;

    /**
     * 是否启用
     */
    private Boolean isEnabled;


    /**
     * 部门id
     */
    private Long departmentId;

    /**
     * 获取操作员
     */
    private String operator;

    /**
     * 对应的角色
     */
    private List <AdminRoleDTO> roles;

    /**
     * 数据权限
     */
    private DataScopeEnum dataScope;

    /**
     * 设置管理员的dataScope
     */
    public void afterPropertiesSet () {

        // 优先级 ALL / CUSTOM / SAME_LEVEL
        for (AdminRoleDTO roleDTO : this.roles) {

            switch (roleDTO.getDataScope()) {
                case ALL -> {
                    this.dataScope = DataScopeEnum.ALL;
                    return;
                }
                case CUSTOM -> {
                    this.dataScope = DataScopeEnum.CUSTOM;
                    return;
                }
                case SAME_LEVEL -> {
                    this.dataScope = DataScopeEnum.SAME_LEVEL;
                    return;
                }
            }
        }

    }

    /**
     * @return 权限
     */
    @Override
    public Collection <? extends GrantedAuthority> getAuthorities () {
        if (CollectionUtils.isEmpty(this.roles)) {
            return Collections.emptyList();
        }

        Set <PermsGrantedAuthority> permsAuthorities = new HashSet <>();

        if (CollectionUtils.isEmpty(this.roles)) {
            return permsAuthorities;
        }

        for (AdminRoleDTO role : this.roles) {
            permsAuthorities.add(new PermsGrantedAuthority(role.getIdentity(),
                    vip.dexian.common.utils.CollectionUtils.emptyIfNull(role.getAuthorities())
            ));
        }
        return permsAuthorities;
    }

    /**
     * 账户是否被锁定
     *
     * @return 账户是否锁定
     */
    @Override
    public boolean isAccountNonLocked () {
        return this.isAccountNonLocked;
    }

    /**
     * 账户是否未过期，本系统中暂无账户过期的业务，始终返回true
     *
     * @return 账户是否过期
     */
    @Override
    public boolean isAccountNonExpired () {
        return true;
    }

    /**
     * 凭证是否未过期，本系统中暂无密码过期的业务，始终返回true
     *
     * @return 凭证（密码）是否过期
     */
    @Override
    public boolean isCredentialsNonExpired () {
        return true;
    }

    /**
     * 账户是否启用
     *
     * @return 账户的启用/禁用
     */
    @Override
    public boolean isEnabled () {
        return this.isEnabled;
    }
}
